(54) Distributed system and method for controlling access to network resources



nc 4 jr-" p tin ^<,'- ^ro ^e^nbsrs c! the 

s>p* ■'V a -et 

f-sr-oors r, o t , su.S.m set of 

the fOi^p CO st,!i> 3 t sp!K *i8:3 set 0} (TWf^agsmsRit 
cto,«c*s A pit,'-, i 3f acv c cnp*fo\ servers f fe wse?J 

controls access to a distinct subset of the management
objects in accordance with the access rights specified



tisefs and ««- nbot?^ h« "-sctwc^d -a s<i ^ r> 

'^e ottloac r-qj - ^ (j c j^cj^i >c 03' 

E« ^Oti k'S i i , u s 5- c 5< - ic 

With msmansgs'nsfitot jet, ai o ^ xt, i 
j&qL8's3»c! Tn^ access t i at ; ; 

the access requests from the users by granting, denying
and partially granting and denying the access requested
by each access request in accordance with the access
rights specified in the access control database.



[0001] The present invention relates primarily to the management of computer networks, and more particularly to a system and method for limiting access to a computer network's management objects to authorized users of the network management objects.

BACKGROUND OF THE INVENTION



s sftforma^fc >^ be <.3ta -leci by Ufjau hojtrso pcfsof * ts, i 
afeo the rse work wouks o ao»3 "satintass ^hs 



[0002] SNMP (Simple Network Management Protocol) was developed to provide a tool for multi-vendor, interoperable network management. SNMP provides a

' c 3C' » dfjiflb^sst! st' i,»ur" see f'^-aitr^'' ar<j s«t 

corvS'^t'oiai sx-'booku c-s s ^ubjoct sue*- as Willw- 
Sw.iiogs «SWF. S\!w1Pv2an(iPMON,''A£WtsonWsB 

fOC5C4'' CWJP s 1 ^-^ K 11 'l30C'T^<•rtt 4ocoi tfks 

o-Of^ P i c Ch,-?!^ 6ia'«ci !jV cdrh -".srsty in 
^ofpor-^'scj by rs'e snce c r> ot Toty bacngrouoo n 

■formatiof!, 

[OCKSSJ i^a / rssiwicrks t»->e ^ ictwofk rwnager tsvi 
ten o-* inmpe Netwoft iV.tnag?nfi3iTt Protoooi 
3\MP nr P Tiaftat^rg ns'worH. Amorg its 

•^Oi^+sss r!Sslisi!,so t^eoev>c'JS or the "etwrrs "^iis 

[OQ06J Aji SNS(?P-T^-ic<eaft» (or f^MPnaftagea- 
5ha1 dW'c* stores »■> i 5 n-ef? o-\ « M8>a eWit Info," 
Ti<*too Bass ;M . ctisci or o' co !3c>=> 1 1 vifKjbIss 
'^'preasfi*! Qcj*!efer> -,0 t^a ds,»is.e ft 9 coo 

Ja./!Ca .htj \ 1^ , CO'© i rii,tjfd >■ ' E«ch 

o& si <r\^ ' 1 1 -5 c o'!ii?f-! va-atstes whoss va ije 

^vh;^ -"x," oijf^ !<f rkn<r^qs! frocify &tf> ooe' 
-ivjT-" 'rtpv exd --f ie io(^t>-5i oqflcJo 

'tv^ tsf Qi ^ tis. „ r i i> -s to :} scS c ni^ 



e^y^ii ly kiion r c -J i^t " e iic _> *i 
oindOour ■= s 9T> v_ ^rcn,. f -iii. t Vji«-ic 
■^H^iX !5 jsyjarj f>et.V«" a r CO'- --^ "So- < 
(Twdei <inci the managarrwsn infoftralKSn -necessary icr 
ewd'tig and ^nmtsrTiQ accass co^i'd .Misooaieri 
V S ;c!fi6r» siis's-ns irjt«*r'* nT'ctcrl watem nan 

vant to she pa-sen; ^rivesit^on r>^,f 

(security audi >tr^ .-^ i-^.^u*^ i -^s': j.. -o'- 

viiortcasftdops! ty-^f''-}^ ia ) ! f, \.i Ai! 

girs6 Of these T »U ,ia'3!, a 7^ (^'*9S> X 740 

prasficig as isacKgfoand iofofnation 

IQOif] Wh!!8theX74'< X .v^andX 812 *dx-<afdde 

dra<fe of "housafids vf< come isnai^Js hs'oi- vs ed ob 
^ }8ctsi ussng a sfigfe managsmen) se^vs' to 0 ccdss d>f 
rfccass equssts rwy tat*ss S6W!s» ticMeoscks The 
a"ar<fe«te d(<5r>.sssd above dc» rt^i acSdrsSv She subject 
! p " c v '^n'~;>t.(('-^ <5t ct. rontjo* to manage'Dent 

- ^ ' 0 ^ -nt twsrtion: proitiile s 

ifliork havit-sg or ^lind'aas a- thousands o! tr-isnage. 
menlobi&ets: 

[0014] WFifto X ?4T and \os rei. <f> ^ < .mc^ if-s est ' s 
affe«s« cofit'O o' iimsnrg scess*> lO r^- ^-e-re'oj ob 
iscts, these ^iand^fds do '^c> <.:jc; os-, '-r 

floors V - - f>v -^r ' t.'i c ^ f's, 

Oid O'narj, sv^'i^'^few ■^-T'^rf'- . - T-s 

s ^jVji {y iiacL-sptao a i ths^ ne w,om is ' ) t toO ^ 

communications company and the reports concern resources being installed or utilized for a particular customer. That is, customer A should not be allowed to receive event reports about network resources being used on behalf of customer B.

[OOlS] i ri fact s^e pr8i,umE>ttorj n X 74 1 and trs t siat 

pioroDT jeci jstf^^ar ischafiiw r al « seoar ate f'or" t^^e 

[OOtSJ ^ov^(v<. < trti . V 

]8Cts ha! ^ jeiOi-Vi i* »o bs cJiohitjitetj i otr acc««s 
are aisn if is fS5 fec b * or" w> k, ^ Kit pensoi shocks to* 
be §v,«ivr<a OM * epof- for fn*iiarK:e os-'Q Jte 

i ! ,j ! 3iio sSeJ c ciu ti-rifj « 

e r -! T ■^nq-^'—^i ' ■>>" V' -iT c » i 

xiirg m$ abfstv to gansmie neiwoM msnagsmaot 
sports jssng'SO,* {stmctufequsfy !a<-0aags>^f)6 i^^S' 
:x:rt qensfators That >s usets fev.ch nsstworte want 
S-e as * / 'o geisfa^t re^rts or sist^s* ot re ' no 
A'o.'V. [sssoucsfS w>" f 3/ocf-f(3 'h«> r'--r^pis!<!, es at ne' 



ny 



f s, H 



TV ag'*-^**" '•sports n fact diret. iSQu Jyp© access 
T i^ht bs seer as, cc>ii t^'y to hs godis of X 741 ssw© it 

:0019j r>-'^ipi«'„ inn rrssent tnventa turthssr jjro* 

database 'or 3 j pcK es of ^epot ^mt^tvin as oopc&ea 

:>evs rsf>c «ijr<- =! V o ! 
aboi.iih8={atui>orpa»tosf CT^ax© i , ^iwo'x ^bjp !$ 
Mite &t)i! ptcwfding iit>e sans sax-sss 'a&tfKtioiw ds 
■inese tSat appiy so nortrm msnagsmBnt Sfrformstsen bo- 
cess feqoests. 
D i ^ J c c vc's of *f)e

M -.1. > 3 1 ! d cfeto fights by 
1 c< r ^ ! 'h3 5 oupi. dstrssJ by 
( gt -iup riojf cts To e spec * ed isei 



[COaiJ A ptuiaWy erf access eo ^ oi - ^ v ^ ^ f >> ^i'- ^ 
to process awsss fscj^evs _ac io V r 

r hp accer-s ij-nfncii d;^ aogjse A sasst ens t^js" ac 
cess cofttroi ssfv*fs raciSNtm access rat^u^ssss tff>rR (hs 

fca(,'~ ot th_ss access maw' 5= - ^^-i* p 'ocff 

one Of mose o! Shs dccsss ro, n \j tsrv s s ac j'Od'i !5 

With rpffi8tje>m-s* obja^'s so whic acc-tss is ^? 

access requests frotr the jsa's >)y g^s^tsng denyrg 

Saf*^ a I. a i J ''^-sn » vviih tt^a scoop's 

|O0S3] Oiscft^-eat c"i>. t ^ i.- sicj'? 

msni idofftiatKxt ss'v-^ s t > i <"^^i jt> 

quests sub irtteo by usR'» ft jr;, v i 

"hs managftmersJ tnfo.n^a i>&j\m pr-*l!0^s at 
C8S« f eqy«st »>to two or r^ore ai,ca»i> s^B fsq^cs s 
v*8rv access to tUs set ot -yia-^a^amarft c*>tects sper- 
fi-jd by t^e access requ-es* is tont died by ♦wt, cr we 
of the acvsss f^oifw! 'is^i s j^c 5sr»s secijse 
^ c i w ) --x^re s"css5 cwtfo! ss'v 
( „ ^ j<: I, 1 I. 1« > f 5 rnAno: !»e «* 

3'so contxnes ^«on -tj k 'tio vvc o '^ot^ access 
sub-fsquss 5. gs' s -c* b/ „cc^^« vO' ' '■! -arssrs 
«^)isn p«K«s&)f^^ i 3 ^i. ^'■s -tL 30i ^5, s. irt< 10 jr-s 
dcotnOittcd'-esconsGtC! -^c^jsa whs s-.&Tntuc t^^C! ec 

raqusst that was 0afijtic3ned. 
[0024] A second subset of the rule objects in the access control database are used to specify access rights



1 jrc 



qyast* to ?Ji« Jisccsss coniro! c^jjeet tn at-cofdaroe 
ths -sceass fights spaei{i8(3 tn ttie access cmtrai dm- 

BRIEF DESCRIPTION OF THE DRAWINGS

< cs- (. 1 ! ^ ->pp_ ideo atr <¥ ^ 

[0026] Fig. 1 is a block diagram of an access control engine for restricting access to the management objects in a network.

[0027] Fig. 2 depicts the data structure of an access

[0028] Fig. 3 depicts a distributed access control engine (ACE) in accordance with a preferred embodiment of the present invention.

[0029] Fig. 4 depicts the access control database and a mechanism for adding objects to the database and for modifying the objects already in the database.

[0030] Fig. 5 depicts the order in which access rules are applied for processing each access request.

[0031] Fig. 6 depicts a procedure for processing an access request, dividing it among the responsible access servers, collating the responses and returning a combined response to the initiator.

[0032] Fig. 7 depicts a chart for indicating how access request responses are combined when the target of an access request includes more than one management object.

[0033] Fig. 8 depicts the event registry and event router portions of a management information server in a preferred embodiment of the present invention.

mechanism for providing SQL type read only access to log records, relating to event notifications generated by management objects, while maintaining the same security restrictions on access to management object information as that provided by the management information server for the network.



DESCRIPTION OF THE PREFERRED

engine (ACE) 102 that restricts access by initiators 104 (e.g., users, and application programs acting on behalf of users) to the management objects in a network 106. The network 106 can be virtually any type of computer implemented network that uses a management protocol for performing management functions. For the purposes of this document, we are only concerned with the management objects in the network, which contain management

primarily concerned with methods of restricting access to management objects and to event notifications generated by management objects, and thus we are not particularly concerned with the content and functions of the
[0036] It should be noted that in many documents, management objects are called "managed object instances" (MOI's). In such documents, the abbreviations "OI" and "OC" stand for "object instance" and "object class." In the terminology of this document, an object is in fact an object instance, because every object is an instance of a respective object class. For instance, each "router management object" in a network is an instance of a respective router management object class. Except when deemed necessary for clarity, the term "object" will be used instead of "object instance" in this document. Also, in the preferred embodiment all the management objects and access control objects are GDMO compliant.


[0037] The access control engine contains an access control database 108. Like the network itself, the access control database 108 consists of a hierarchy of objects. Various aspects of the access control database, as implemented by the present invention, will be described in more detail below. The access control database 108 contains access control rules, which can be applied to access requests in order to determine whether such requests should be denied or granted.

110 is the procedure (or set of procedures) that applies the access control rules to each access request so as to determine whether the requested access to a management object should be granted or denied. As will be discussed in more detail below, when an access request has a target of more than one management object, some portions of an access request may be granted while other portions are denied.

[0039] An access control enforcement function (ACEF) 112 is the procedure (or set of procedures) for enforcing the decisions made by the ACDF 110. In particular, the ACEF 112 sends access denial responses when the ACDF 110 returns an access denial, and forwards the access request to the appropriate network management objects when the access is granted.

[0040] Referring to Fig. 2, each access request 120 is a data structure or object containing a set of predefined


ids by the ACDi 



• operation, which is the type of operation to be performed on the specified target object(s); defined operations include get, set, create, delete, action, filter, multiple object selection, and "receive notifications from"; note that the "receive notifications from" operation (usually called the "event notification" action elsewhere in this document) is not one of the operations defined by X.741, but rather is a new operation added by the inventors for reasons that will be explained below;

• mode, equal to confirmed or unconfirmed, which indicates whether or not the management information server should send response messages to the initiator; when the mode is equal to unconfirmed, response messages (e.g., access denial messages) are not sent to the initiator; when the mode is equal to confirmed, response messages are sent to the initiator;

• synch, equal to "atomic" or "best effort"; if synch is set to atomic, an access request directed at more than one object is aborted if any portion of the request is denied; if synch is set to best effort, the access request is executed on the objects to which access is granted and the corresponding results are returned to the initiator; and

• target, which specifies the object or objects the initiator wants to access.
[0041] The target in the access request 120 is specified by three fields:

• base object, which indicates a particular object in

"^-j Of £?'e"a>:) 'jmbooirricri base ot cc; a'vif^yi, Xi^<i 

below (i.e., further from the root) the base object that are to be included as part of the target set; and

• filter, which sets out a filter condition (e.g., a filter might indicate that only management objects for routers in Menlo Park, California are to be included in the target set) for restricting the set of objects included in the target set; the filter field is the equivalent of a "where" clause in a database query. A filter can also be used to specify the type of event notifications the user wishes to receive (e.g., SNMP or CMIP event notifications).

[0042] A request that has a target set of just one object, because the scope field in the request is unused, is considered to be a "non-scoped" request. A request where the scope field in the request indicates more than one object is to be accessed is considered to be a "scoped" request.


Distribution of Access Control Over Several Servers

[0043] Psf«r(f 3'o«=^io 3 the (vjoci-ons cj&s&accs^ 
cor>Sfc o'-gne<0?(Fi3 i)£:.gc3<s5'©jvCOOverapSura% 
r. --f;?-.-.! -si- ^a«.. !hcsno?tn<A,i*-whichac;css&5 34 

i \ ! .J'o■^ '! ^ <v»'ii ^cntir^brif'Gvwew" 
" J > t '-^ r^'^"' 1 -'^i^V w It, Oi tre 

74 1 ) pi wided ifi o>h<i. s^icsjisris of the doeumant 
[0044] In many instances, such as telephone networks, the number of network management objects is extremely large, the number of persons requiring access to the management objects is correspondingly

•access racues 6 >jr«» ii'(f!> ia f:>v , or s,^ n 
stc>ocf - !yp -*> Pi i-Pis ffc , w 'i ' esue'i i r-?-?*; s 

vwr oc-ftic (>3io>h >«!^;<5r-^o i t p iri r>* tho ret work 

acc$$s cqi^fcst mi ciesigrats the •narti<t& ner i ubjscts 
ort>i9 dtJVfr&s t3& f hut ocwn O**!?' aco&s'- tequesss 

receives all management object access requests 120, and distributes each request, or portions of the request, to a set of auxiliary servers 152 in accordance with the portion(s) of the management object tree referenced by the request. Each server 150 and 152 performs both access control functions and the request response gathering functions. Thus, access control processing is divided among the MIS 150 and auxiliary servers 152, enabling faster processing of access requests during periods of heavy request traffic.

[0046] In particular, the MIS 150 only performs access control for objects at the top of the management objects tree, while each of the auxiliary servers performs access control for objects in respective designated subtrees of the management objects tree. One important exception to the above statement is that all access requests for event notifications (i.e., with an operation of "receive notification from") are delivered to an event registry module in the MIS, regardless of which objects are the targets of the access request. This is discussed in more detail below with respect to event notification access

[0047] In addition, a special auxiliary server 154 is used to handle all updates to the access control object tree 170 (which is not the same as the prior art access control tree 108, for reasons that will be explained below). In some implementations the special auxiliary server 154 may be merged with the MIS 150 or one of the regular auxiliary servers 152. Alternately, in systems with relatively low access request traffic, the special auxiliary server 154 can be implemented as a separate software entity on the same physical server hardware as one of the other servers.

[0048] The MIS 150 and each auxiliary server 152, 154 stores a full copy of the access control object tree 170, but is responsible only for processing requests to access a respective portion of the network management object tree. In an alternate embodiment, each of the MIS and auxiliary servers could store just the portion of the access control object tree 170 needed to perform its assigned access control functions.

[0049] If an access request has target objects in portions of the management object tree that are serviced by more than one server, the access request is split into access sub-requests by the MIS 150 and sent to the appropriate auxiliary servers 152. The access sub-request responses generated by all the servers are collated by the MIS 150 and returned together to the requesting user or application.

• an interface 160 for receiving access requests;

• one or more central processing units (CPU's) 162 for executing access control procedures stored in the MIS's memory;

• memory 164, including both volatile high speed RAM and non-volatile storage such as magnetic disk storage;

• an interface 166 for handling secure communications between the MIS 150 and the auxiliary access control servers 152, 154; and

• one or more internal busses 168 for communicating data and programs between the above referenced elements of the MIS 150.

[0051] The memory 164 may store:

• a partial or complete copy 170 of an access control tree; it should be noted that the access control tree 170 in the preferred embodiment has different components and organization than those specified in X.741, and therefore the access control tree 108 in Fig. 1 is not the same as the access control tree 170 used in the present invention;

• an access request partitioning and routing procedure 172 for partitioning access requests into access sub-requests and routing the access sub-requests to the appropriate server(s) for access control processing;

• a subtree to server mapping table 173, which stores the information necessary for the MIS 150 to determine the server or servers to which each access request should be sent for access control processing;

• an access control enforcement function 174, whose functionality is the same as that of the ACEF 112 shown in Fig. 1;

• an access control decision function 176, whose functionality is the same as that of the ACDF 110 shown in Fig. 1;

• a request response combining procedure 178 for merging the responses generated by the various servers to each distinct access request and returning a single, combined response to the initiator;

• an array 180 of status information about access requests whose processing has not yet been completed;

• a security audit trail 182, for keeping a record of all access requests;

• an event registry 184, which is a mechanism for keeping track of event notifications that particular users have requested; and

• an event router 186, which is a module for sending event notifications to users or applications who have (A) requested those event notifications, and (B) who are authorized to receive them.

[0052] Other aspects of the MIS 150 not shown in Fig. 3 will be described below.

[0053] The MIS 150 and auxiliary servers 152, 154 all maintain identical copies of a library of access control procedures as well as a copy of the access control object tree 170.

[0054] Thus, each auxiliary server includes the same hardware and software elements found in the MIS 150, except for (A) the special procedures (172, 178) in the MIS used for handling the receipt and partitioning of access requests, and the combining of responses, and (B) they each have just one interface 160/166 for receiving access requests and returning responses. Each auxiliary server 152 retains either a complete copy 170 of the access control object tree, or the portion of it needed to handle the access requests to be handled by that auxiliary server.
[0055] The special auxiliary server 154 maintains a copy 190 of the access control object tree 170 in persistent storage so that the access control objects are available for use by all the access control servers whenever the access control system, or any portions of it, is re-booted or restarted for any reason. The special auxiliary server 154 is also responsible for handling all updates to the access control object tree 170.

[0056] In addition to the access control library procedures shared with the other servers, the special auxiliary server 154 has an additional procedure 194 for handling access control to the access control object tree 170/190 and for handling updates of the access control object tree 170/190. The same type of access control that is used to restrict access to management objects is also used to restrict access to the access control object tree 190/170. In other words, some of the target objects and rule objects in the access control object tree 170 are used to define access rights to the access control objects, and the special auxiliary server 154 restricts access to the access control objects in accordance with the rules defined by those access control objects. In this way only authorized users can access and update the access control object tree 190/170.
[0057] The MIS 150 has enough knowledge of the object tree in the network to know which auxiliary servers are needed to service each request. In particular, the MIS has an access request partitioning and routing procedure 172 and a mapping table 173 that stores information identifying a set of tree division point objects (also called division point nodes). More specifically, the mapping table 173 contains a sequence of records. Each record identifies a management object subtree, identified by a topmost object called a tree division point object, and also identifies the server 152 for handling the access requests to objects in that management object subtree. For each access request, the MIS 150 first applies the "global deny rule," as will be explained in more detail below. If the request is not rejected by the global deny rule, the MIS 150 then traverses the network object tree 170 so as to identify the server or servers required to further process the access request.
[0058] More specifically, for each received access request (other than access requests for event notifications) the MIS traverses the network object tree until it reaches any of the division point objects. Since all management objects below the division point objects are to be processed by a corresponding auxiliary server, the tree traversal stops at those objects. Depending on how the access management duties have been divided among the servers, it is possible that a single access request will have to be partitioned into two or more access sub-requests and sent to two or more of the servers for further processing. When a request is partitioned for processing by more than one server, the base object and scope portions of each partition of the access request (i.e., each sub-request) are modified so as to only encompass the portion of the management object tree serviced by the corresponding server.

[0059] The MIS 150 also maintains status information 180 on each access request whose processing is not yet completed. The status information 180 identifies the servers from which partial responses are needed before a complete response can be returned to the initiator.
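
The partitioning by tree division point objects and the "atomic" versus "best effort" combining of sub-request results described above can be sketched as follows. This is an added example, not code from the patent: the object tree, server names and the grant table are constructed, each sub-request is represented as a list of target objects rather than a rewritten base object and scope, and every server's decision is simulated in one process.

```python
from collections import defaultdict

# Constructed management object tree (child -> parent); names are illustrative.
PARENT = {
    "root": None,
    "root/custA": "root",
    "root/custA/router1": "root/custA",
    "root/custA/router2": "root/custA",
    "root/custB": "root",
    "root/custB/switch1": "root/custB",
}

# Subtree-to-server mapping table: tree division point object -> server.
# Server names are assumptions; objects above every division point stay with the MIS.
DIVISION_POINTS = {"root/custA": "aux1", "root/custB": "aux2"}

# Constructed grants (group, subtree base, operations). Anything unmatched is
# denied, the typical default described on this page.
GRANTS = [("custA-ops", "root/custA", {"get", "set"})]


def depth_below(obj, base):
    """Levels obj sits below base, or None if obj is outside base's subtree."""
    levels = 0
    while obj is not None:
        if obj == base:
            return levels
        obj, levels = PARENT[obj], levels + 1
    return None


def target_set(base, scope):
    """Base object plus everything up to `scope` tree levels below it."""
    hits = []
    for obj in PARENT:
        depth = depth_below(obj, base)
        if depth is not None and depth <= scope:
            hits.append(obj)
    return sorted(hits)


def owning_server(obj):
    """The nearest division point at or above obj names the server."""
    while obj is not None:
        if obj in DIVISION_POINTS:
            return DIVISION_POINTS[obj]
        obj = PARENT[obj]
    return "MIS"


def partition(request):
    """Split one scoped request into per-server sub-requests (target lists)."""
    subs = defaultdict(list)
    for obj in target_set(request["base"], request["scope"]):
        subs[owning_server(obj)].append(obj)
    return dict(subs)


def decide(groups, operation, obj):
    """Per-server decision, reduced here to a group/subtree/operation match."""
    return any(
        group in groups and operation in ops and depth_below(obj, base) is not None
        for group, base, ops in GRANTS
    )


def process(request, groups, global_deny=frozenset()):
    """Global deny first, then partition, decide per server, combine by synch."""
    if groups & global_deny:
        return {"status": "denied", "executed": [], "denied": []}
    granted, denied = [], []
    for _server, objs in partition(request).items():  # one sub-request each
        for obj in objs:
            bucket = granted if decide(groups, request["operation"], obj) else denied
            bucket.append(obj)
    if denied and request["synch"] == "atomic":
        # Atomic: any denied portion aborts the whole multi-object request.
        return {"status": "aborted", "executed": [], "denied": sorted(denied)}
    status = "granted" if not denied else ("partial" if granted else "denied")
    return {"status": status, "executed": sorted(granted), "denied": sorted(denied)}


if __name__ == "__main__":
    req = {"operation": "get", "base": "root", "scope": 2, "synch": "best effort"}
    print(partition(req))
    print(process(req, {"custA-ops"}))
    print(process({**req, "synch": "atomic"}, {"custA-ops"}))
```
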
[0060] Depending on the implementation, the MIS 150, in addition to applying the global deny rule to each request, may also be responsible for restricting access to various portions of the management object tree not allocated to any of the auxiliary servers. For instance, the MIS 150 will typically be responsible for restricting access to the root node of the management object tree and can also be made responsible for any particular branch of the management object tree.

[0061] In an alternate embodiment, access control responsibilities could be divided among the servers in other ways, for instance on the basis of the type of operation to be performed on the target objects. Thus, one server might be responsible for handling set operations, another create and delete operations, and so on.
[0062] The access security rules are stored in persistent storage, with recently used portions also stored in cache memory, at the MIS 150 and each auxiliary server 152. Whenever any access control rule is updated, deleted or added to the system, the rule base in every auxiliary server is updated in synchronized fashion using an event propagation mechanism that is also used for handling other types of event messages. The process for updating the access control tree 108 will be explained in more detail below.

The Access Control Database

[0063] While X.741 indicates that object access is to be controlled on a user by user basis, the present invention controls object access on a group by group basis. The user group feature helps to greatly reduce the amount of data required to define each access rule. Each user authorized to access information in the system is assigned to one or more groups. Access rules are defined in terms of access rights of groups. For instance, object parameter reading rights are likely to be assigned using different groups than object parameter setting rights. Also, rules are typically defined hierarchically with respect to these groups, for instance denying access to Customer A's subtree of objects to everyone who is not either a Customer A group member or a system administrator group member, and then further defining rights to objects within Customer A's subtree in accordance with groups of users set up by Customer A.


[0064] Referring to Fig. 4, the primary components of the access control tree 170 are group definitions 200, user definitions 202, target definitions 204, access rules 206 and default rules 208.

[0065] Each group definition 200 is represented by a group object, having the following fields:

• group name; and

The group objects are used to map groups to users.

[0066] Each user definition 202 is represented by a user object, having the following fields:

• user name; and

• list of groups of which the user is a member.

The user objects are used to identify all the groups to which a particular user belongs.

[0067] It should be noted here that the term "users" includes entities other than users that can be granted access rights. For instance, the auxiliary servers, the log server, and even objects in the system can be set up as "users" for the purpose of defining access rights to be accorded to those entities.

[0068] Each target definition 204 is represented by a target object, having the following fields:

• target name; and

• a list of base management objects that are to be included in the target set identified by the target object;

• a list of management object classes; this field is used only when a target set includes all the management objects of a particular class, subject to the filter condition (see below);

• scope, indicating the number of management object tree levels below the listed base management objects that are to be included in the target set; and

• a filter, which is an optional field used to restrict the set of objects included in the target set; the filter field is the equivalent of a "where" clause in a database query; and

• an operations list, which lists the operations (get, set, etc.) for which the target set is applicable.

[0069] Each rule definition 206 is represented by a rule object, having the following fields:

• a rule name for identifying the rule;

• a group list that identifies all the user groups to which the rule is applicable;

• a targets list, which is a list of the target objects to which the rule is applicable;

• an enforcement action, indicating whether the specified groups of users have or do not have access to the specified target set; in a preferred embodiment the enforcement action can be set to Deny with Response
[0070] Default rules 208 are represented by a default rules object, having the following fields:

• a list of default enforcement actions for a corresponding predefined list of operations (e.g., get, set, create, delete, etc.); the most typical list of default enforcement actions is to deny access to all operation types, but in some implementations the system administrator might decide to make the default for some operations, such as the get operation, to be "grant";

• a default enforcement action for event notifications; and

• a default denial response (i.e., deny with response or deny without response).

[0071] The defaults 208 are default responses that are defined for each operation when no rule has been defined that applies to a particular access request. For instance, the defaults could be set to "Grant" access requests whose operation is "Get" and to "Deny with Response" access requests whose operation is anything other than "Get". However, it is expected that in most implementations all the defaults will be set to either "Deny with Response" or "Deny without Response". The defaults 208 are preferably defined by a single Default object which contains a grant or deny flag for each of the defined operations.

[0072] Each "rule" in the access control tree either grants or denies access by certain groups of users (identified by the group objects referenced in the rule object) to a set of target objects, specified by a target object referenced in the rule object. Unlike X.741, access rules are not defined on a user by user basis, but instead on a group by group basis. As particular users join and leave the employment of a company, the group objects need to be updated, instead of having to update all the rule objects that applied to those users.

[0073] In addition to rule objects that specify a set of target management objects, the system can have one global deny rule object and one global allow rule object. Each of the global rule objects has the same structure as a regular rule object, but has an empty target list field, which indicates the rule is a global rule. The global deny rule, if defined, specifies groups of users that cannot perform any operations on any management objects. The global grant rule, if defined, specifies groups of "super users" (e.g., system administrators) that are allowed to perform all operations on all management objects.


[...] is modified, other access control [...] may have to be modified in order to keep [...] 170 self-consistent. For instance, [...] object is modified to delete all the groups previously included in the user's group list and to make the identified user a member of a previously defined "DenyAll" group, all the group objects that used to be listed in the user object will have to be updated to delete this user from their user lists, and the DenyAll group object will need to be updated by adding this user to its user list. In another example, if a target object is deleted from the access control object tree 170, then all the rule [...] to remove the deleted target object from their target object lists.

[0075] In order to ensure that the access control object tree 170 is maintained in a self-consistent state, changes to the access control object tree 170 are performed by a procedure called the Access Control Configuration procedure 210. The Access Control Configuration procedure 210 presents a graphical user interface 212 to users authorized to modify the access control tree 170. The Access Control Configuration procedure 210 allows the authorized user to navigate, inspect and modify the access control tree 170. Each time the authorized user specifies a change to be made to the access control tree 170, the Access Control Configuration procedure 210 also makes all the other changes to the access control tree 170 required to keep it self-consistent.

Applying Access Control Rules to Requests

[0076] Referring to Fig. 5, the operation of the access control decision function 176 will first be explained without considering the impact of partitioning requests for processing by one or more servers. Later, request partitioning and the division of duties among the servers will be explained.

[0077] When an access request is received, the access request is compared successively with the global deny rule (step 220), the targeted deny rules (step 222), the global grant rule (step 224), and the targeted allow rules (step 226), in that order. The first rule found that matches the access request is applied to it (step 230). If no matching rule is found, then the appropriate default rule is applied (step 232).

[0078] By applying the deny rules first and then the grant rules, access denial rules are given higher priority than access grant rules. Also, this structure makes it relatively easy to define a set of access rules to grant certain access rights to a broad group of users, and then specify subgroups to whom those access rights should be denied.

[0079] When an access request has a target set with more than one target object, different rules may apply to different ones of the target objects specified by the request. In that case, the first rule found that is applicable to each particular target object or subgroup of target objects is applied to that target or subgroup of targets. As a result, some portions of an access request may be granted, while others are denied.

[0080] Referring to Fig. 6, there is shown the sequence of actions performed by the access request partitioning and routing procedure 172, the access control decision and enforcement functions 176, 174, and the request response combining procedure 178. Note that this discussion does not apply to access requests for event notifications, which are handled separately by the [...]

[0081] An access request is received by the MIS 150, which then compares the access request with the global deny rule (step 240). If a match is found, the request is denied and a response is returned to the initiator if appropriate (step 242). No response is returned to the initiator when (A) the applicable global deny rule specifies an enforcement action of "Deny Without Response", or (B) the request itself specifies an "unconfirmed" [...] the MIS compares the target set specified in the request with the subtree to server mapping table 173 to determine the server or servers to which the request will be sent for processing (step 244). If the request's target set falls within the domain of more than one server, the access request is partitioned into sub-requests, and each sub-request is then sent to its respective server. When a request is partitioned, the target set in the original request is adjusted for each sub-request so as to only specify target objects within the domain of the associated server.

[0083] If the request's target set falls within the domain of a single server, the entire request is forwarded to that one server for processing. In some instances, the server for processing the request will be the MIS, in which case the request is added to the end of the MIS's local request queue. [...] server which re[...] local request queue for processing. The MIS [...] (Fig. 3) for all outstanding access requests, with an indication of the server or set of servers to which they have been sent for processing.

[0084] At each server to which an access request is sent for processing, the access request is executed by performing the access control decision function and then the access control enforcement function. More particularly, referring back to Fig. 5, steps 222 through 232 [...] each server, since step 220 has already been performed by the MIS. The deny/grant decision for each access request may be stored in a security audit trail.

[0085] In a preferred embodiment of the present invention, the access control decision function can be configured, through the use of a global configuration parameter, to invoke any one of the following levels of "logging" of access decisions in the security audit trail: (A) [...] summary information about access request grants and denials, denoting only the identity of the initiator, the requested operation, and the target object or set of objects to which access was granted or denied, and (C) a full logging level in which, for each access request grant or denial, the entire access request is logged as well as full information about the target objects to which access was granted or denied.

[0086] At each server, the responses generated by requests and sub-requests are determined and sent back to the MIS (step 246). Finally, at the MIS, if a request was partitioned into two or more sub-requests, the responses are combined and the combined response, if any, is returned to the initiator (step [...]). If a request was not partitioned, the response, if any, is forwarded to the initiator. Also, the access request is deleted from the pending request status table 180 (Fig. 3).

Combining Responses When A Request has More than One Target Object

[0087] Fig. 7 is a chart indicating how access request responses are combined when the target of an access request includes more than one management object. The chart in Fig. 7 is applied only when access to at least one target object specified by a request has been denied. When access to all the target objects is granted, the responses generated by all the target objects are simply combined and returned to the initiator.

[0088] When there is only one object in the target set of a request, corresponding to the "non-scoped operation" row of the chart in Fig. 7, there is no need to combine responses. If the request is a confirmed request, the access denied response generated by the applicable rule is returned to the initiator. If the response generated by the applicable rule is a "deny without response", then no response is returned. If the request is an unconfirmed request, no response is returned regardless of whether the request is granted or denied.

[0089] When a request specifies more than one target object, corresponding to the "scoped operation" portion of the chart in Fig. 7, the type of response returned depends on the request's synch parameter. If the request is an atomic request, when access to any of the target objects is denied the entire operation fails. If the request is a confirmed request a single "access denied" response is returned to the initiator. Otherwise, if the request is an unconfirmed request no response is returned.

[0090] When the request specifies more than one target object ("scoped operation") and specifies a "best effort" synch mode, the responses generated by the objects for which access is granted are returned to the user. For each object to which access is denied, an "access denied" response is returned if the request is a confirmed request and the applicable rule has an enforcement action of "deny with response". Otherwise, if the applicable rule has an enforcement action of "deny without response", no response is returned for the object(s) to which access is denied.
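The rule ordering described above (global deny, targeted deny, global grant, targeted grant, then the per-operation default) and the combining of responses for single-target, atomic and best-effort requests can be traced in the following added example, which is not part of the patent text. All class, function and object names are assumptions; target objects are modeled as plain names rather than subtrees with filters, and only confirmed requests are modeled.

```python
from dataclasses import dataclass

GRANT = "grant"
DENY_WITH_RESPONSE = "deny with response"
DENY_WITHOUT_RESPONSE = "deny without response"


@dataclass(frozen=True)
class Rule:
    groups: frozenset                    # names of the group objects the rule references
    action: str                          # GRANT or one of the two deny actions
    operations: frozenset = frozenset()  # ignored for global rules
    targets: frozenset = frozenset()     # empty target list marks a global rule


@dataclass
class AccessControlTree:
    members: dict    # group name -> set of user names
    rules: list      # Rule objects, in any order
    defaults: dict   # operation -> action applied when no rule matches

    def applies_to(self, rule, user):
        return any(user in self.members.get(g, ()) for g in rule.groups)

    def ordered_rules(self):
        # Global deny, targeted deny, global grant, targeted grant.
        # False sorts before True, and sorted() is stable within each class.
        return sorted(self.rules,
                      key=lambda r: (r.action == GRANT, bool(r.targets)))

    def global_deny(self, user):
        """Action of a global deny rule covering this user, or None."""
        for rule in self.rules:
            if (rule.action != GRANT and not rule.targets
                    and self.applies_to(rule, user)):
                return rule.action
        return None

    def decide(self, user, operation, target):
        """First matching rule wins; otherwise the per-operation default."""
        for rule in self.ordered_rules():
            if not self.applies_to(rule, user):
                continue
            if not rule.targets:
                return rule.action       # global rule: all operations, all objects
            if operation in rule.operations and target in rule.targets:
                return rule.action
        return self.defaults[operation]


def process_request(tree, user, operation, targets, sync="best effort"):
    """Decide per target object, then combine responses (confirmed request)."""
    denied_globally = tree.global_deny(user)
    if denied_globally is not None:      # checked once, before any per-target work
        silent = denied_globally == DENY_WITHOUT_RESPONSE
        return {"performed": [],
                "responses": [] if silent else [(None, "access denied")]}
    decisions = {t: tree.decide(user, operation, t) for t in targets}
    granted = [t for t in targets if decisions[t] == GRANT]
    if len(targets) > 1 and sync == "atomic" and len(granted) < len(targets):
        # One denial fails the whole scoped operation: single response.
        return {"performed": [], "responses": [(None, "access denied")]}
    responses = []
    for t in targets:
        if decisions[t] == GRANT:
            responses.append((t, "ok"))
        elif decisions[t] == DENY_WITH_RESPONSE:
            responses.append((t, "access denied"))
        # DENY_WITHOUT_RESPONSE: nothing is returned for this object.
    return {"performed": granted, "responses": responses}


def sample_tree():
    """Constructed sample data; none of these names come from the patent."""
    return AccessControlTree(
        members={"admins": {"alice"}, "operators": {"bob", "carol"},
                 "contractors": {"carol"}, "blocked": {"mallory"}},
        rules=[
            Rule(frozenset({"operators"}), GRANT,
                 frozenset({"get", "set"}), frozenset({"router1", "router2"})),
            Rule(frozenset({"admins"}), GRANT),                    # global grant
            Rule(frozenset({"contractors"}), DENY_WITH_RESPONSE,
                 frozenset({"set"}), frozenset({"router2"})),
            Rule(frozenset({"blocked"}), DENY_WITHOUT_RESPONSE),   # global deny
        ],
        defaults={"get": GRANT, "set": DENY_WITH_RESPONSE},
    )


if __name__ == "__main__":
    tree = sample_tree()
    for user in ("alice", "bob", "carol", "mallory"):
        for mode in ("best effort", "atomic"):
            print(user, mode,
                  process_request(tree, user, "set", ["router1", "router2"], mode))
```

In the sample data the targeted deny for the contractors group is listed after the operators grant, yet it still wins for router2, because ordering is by rule class and not by position in the rule list.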

[0091] Finally, if the request was an unconfirmed re-



/r-i IX. ' ! ' o ctjuccii were gt'antac j whtrfj 



■•I'm - Pig ■jf^ff'^rnco Jirs <r sscn scfvsr I5i 52 
where the request or sub-request is processed, and again at the MIS for those requests that are partitioned into sub-requests. For atomic access requests that are partitioned and processed at more than one server, the
access contr., »tji,fjr-^ ' u ^ j« f srformecj oniy 
the ss^itaf. ! ^. 'sB'-o'i rv}ioe"'iscinfijne:K3!i 

>~-^V4. ClOC CC r Cl-r d 1hl3 M 'I. W! a ^ aC<,SS{^ '3 
il op i^t^j'S^dd ,l.S OnSSS^Sf j -il Si^HJc- 

C"^«' ■} 'lii "V^ 1 !flB d'^'-cS!'- of c Tig? CtWB! !&3 

[...] response combining operation is performed only by the server processing the request.

Access to Event Notifications

[0093] In the present embodiment, access to Event Notifications is controlled in the same way as access

o cbjo-^s f g fU'-'s 1 r-i « MO's; ccr! ci ru 3 »-5*,€ 
X 74"! "ot > •'t o t \ Pusm-a' i y -> >n(^ 

mechanism of X.741 is applicable. An example of the event notification access control problem is as follows: a telephone network provider does not want customer [...] to receive notifications about new network resources installed for customer B [...] customer A registers itself to receive all event notifications.
fOOS4] ■^''s p esc^t onbod 'nof :x>^ m ho ovaf^t no- 



f S'"i-';3ne"hM ii '-^'ii.^ ^c'n-'vo'- roller thaMi' 

[0095] Thus, when a target object is defined in the access control object tree 170, one of the operations that can be specified in the target object's operations list is "event notifications". In the preferred embodiment, the event notification operation specified in a target object can either specify all event notifications for a set of specified management objects, or it can specify certain specific types of event notifications, by using the filter field of the target object [...]


-31 cart bo = bccJ 

cto .CO with z denv 
antJ aS mtofffiaffoii rs- 



"Ci^iV !r?c ude e-zen? noijficaiwns sn ts fist of owalws 
Alternately, when appropriate, separate target objects can be used to define event notification access rights.
5 [0097] Rf 'efri^ri io FfQ 6 he V = -i rr\n<^ ^ ns " 



U'jf- ' ' -s^ '-lei Jit. <: ao" rc! 

qi,s s i^fic« <=pft.if e-l > t =iict> >o8 -s.c . ^•>tits 

jsJi^ls irc3:>Gv,iiija&,?'-iS'-t3C<t-^s» t~>c c hie 2i>0 stvjfo^ 

8isi ijs gensraled by ha ih& n-ifta-gsmsnt ob 
j« ojs Of 5h8 access ccntr* ofc !pf-*<< sj<5S's o' ofidr 

onyb'c-"-, f! , c v.-ru h , <; - r< ^th 

tiation wq^-e s iw* ■,rea>.cet. > ^ 
so e< -ii en >fpr ik^^m o f>vsn* o'l'i . -i - i 

[...] of objects, or specified subtrees of objects. Thus, for instance, a user could request receipt of event notifications for router objects (i.e., which is a class of objects) and could further specify a filter, such as only routers located in the state of California or routers manufactured by a particular company. Users and entities can also revoke prior requests.

[0098] [...] 184 only checks registration requests to ensure that the requests are semantically correct and that the specified objects for which events are requested actually exist. Thus, in the preferred embodiment the event registry 184 does not check to see if the user or entity making a registration request has [...]

ir ^eav'n! ctj!*^'- ^3^ aIii f -k' > c-s -7*T^a!ion 
access ' ql- = <it v-^e 'nk. tJ-c"- ' v- "o i* f^n *ia'ng 
pic*.st.>5f^ As a yfcj'i d!> .095", f L-^«(i>^l ms. 

ev8F>' rou e' iiro do irit ct the n nai -jiorsd 
ffjs event rsgisJty 1S4 

[0099] Entities other than users that can register to receive event notifications include the MIS 150 and auxiliary servers 152, the log server (which will be discussed below), and even objects (e.g., database objects, which are discussed below) that are part of the access control engine.

fOIOOJ Aifftvtn! i'1t*'c n-^-, ft -1, j<,=" -If-, 

<5"r>gra{8d bv 9ci.es5> cont'ot ot==r*<5 Ti »^ i», i> 
sj-^ecirf! amiarv s«rvef IS* i f iq 31 ^ 1^ suk- -i, 
Si3 oVi^f rojtJ' 18S an ^^o MiS 1£0 i. - = t. j*f 

jiy tao 6. of .<st >rt bOvf *b & ^ot'.R ^^-ly 
Po aach cvsp -o{ .^.'..'^ ^\-ivOv. !' ^ ' v ^' 
[...] 186, the event router first determines which users and entities have requested a copy of that event notification, and then determines which of those users and entities have the right to receive those event notifications. The determination of access rights to event notifications is performed using the access control decision function, as shown in Fig. 5. Thus, the event router looks, in sequence, at the global deny rule, the targeted deny rules, the global grant rule and the targeted grant rules until a matching rule is identified. A default rule is applied if no matching rule is found. A matching rule must (A) apply to the "event notification" operation, (B) apply to the object that generated the event notification, and (C) apply to a group of which the requester is a [...]

[...] has access rights to the event notification, the event router generates a corresponding event notification message, each of which is addressed to a single authorized user or entity. Thus a single event notification may result in zero event notification messages, or many, depending on the number of requesters with corresponding access rights.

[0102] One specific application of the event registry 184 and event router 186 used in the preferred embodiments is as follows. There is a special auxiliary server 154 that handles [...] access requests (other than event notification access requests) whose target set is located in the access control tree 170 are routed by the MIS 150 to the special auxiliary server 154. Furthermore, changes to the access control tree 170 result in the generation of event notifications that are sent to the event router 186. In particular, the creation of new access control objects, the deletion of access control objects, and the modification of attributes of any access control object all result in [...]

[0103] The MIS 150 and auxiliary servers 152 are all automatically registered in the event registry 184 to receive all event notifications related to changes in the access control tree 170. The MIS 150 and auxiliary servers are also included in a set of "super users" with access rights to all event notifications. Furthermore, among the library procedures shared by the MIS 150 and auxiliary servers is an event receiving and processing procedure 262. When the MIS 150 and auxiliary servers 152 receive any event notifications indicating a change [...] the event processing procedure 262, which is invoked by each server, makes the same change to the server's local copy of the access control tree 170. As a result, the local copies of the access control tree 170 in each of the servers 150, 152 are updated virtually simultaneously.

Direct Database Access to Management Information

[0104] X.741 does not call for, or even suggest, SQL access to the management object database. In fact, direct access via a DBMS mechanism might be seen as contrary to the goals of X.741 since it is a potential source of security leaks. However, corporate customers of large communication networks are demanding direct "read only" access to management information for purposes of report generation.

[0105] The direct access mechanism of the present embodiment provides limited, read only access to management information [...] to define and generate reports about the status or past performance of network objects. This is convenient for users, and avoids the complexities of network management information retrieval using SNMP (or any other network management protocol) when the only task to be performed is the generation of status reports and other network system analysis reports.

[0106] The direct access mechanism of the present embodiment only allows users access to information [...] management interface to the network.

[0107] Referring to Fig. 9, the primary components of the direct information access mechanism are: a conventional database management system (DBMS) 280 for storing event logs 282, each of which stores event notifications to which various users have requested direct SQL type access, and a log server 290 whose primary function is to convert event notifications into SQL insert statements for storing event notifications in the event [...]

[0108] The DBMS 280 [...] stores tables of information. While Fig. 9 shows event logs 282, each event log is actually one or more database tables, where each database table stores a different type of event notification. The DBMS 280 also has an access privileges module 284 which configures (i.e., establishes) access rights to each of the tables in the DBMS. For instance, the access privileges module 284 may have an access privileges table that stores access rights information indicating which users have access to the tables that make up the event logs 282. However, the access privileges module 284 may be implemented in other ways, such as by storing access privilege information with each database table. The present application does not depend on the particular mechanism used by the access privileges module 284 to establish database table access rights.

[0109] In the preferred embodiment, only the log server 290 (besides the system administrator) has write access to the event log tables, while [...] users have only read access to specific tables. A standard SQL engine 286 processes insert statements from the log server 290 as well as read requests from user processes or workstations 300 that are submitted via a user communications interface 288.

[0110] The log server 290 is registered with the event registry to receive all event notifications generated by the system, and has corresponding access rights. The log server 290 is preferably a software entity or process that runs on the same computer or computer node as the MIS 150. A set of filters 291, 294 in the log server 290 determines which event notifications are stored, as well as [...]. A first filter 291 in the log server is called the security audit trail filter. This filter 291 passes "access grant" and "access denial" event notifications generated by the MIS 150 and auxiliary servers 152 (see Fig. 9). The security audit trail filter 291 can selectively store either the entire event notification, or a specified portion of it, in the security audit trail file. More specifically, when the security audit trail is configured to work in a detailed mode, the security audit trail 182 stores every access request and the corresponding outcome in its entirety. When the security audit trail is configured to work in an abbreviated mode, the security audit trail 182 stores a shortened representation of every access request and the corresponding outcome.

[0111] Another log server filter 292, called the security alarm filter, is used to generate a Security Alarm log 293 that is separate from the security audit trail 182, where security alarms are generated and stored in the log only when there is a denial of object access. In the preferred embodiment the stored security alarms identify the user that initiated each denied access request.

[0112] The other type of log server filter shown in Fig. 9 are the event log filters 294. Each event log filter is set up to pass only a specified set of event notifications. For instance, a particular customer might request that certain groups of its employees have direct access to SNMP/CMIP event notifications for management objects assigned to that customer. The log create/delete procedure 296 is used to define a corresponding event log by:

(A) defining and initializing a corresponding set of DBMS tables (i.e., an event log) for storing the requested event notifications (one distinct DBMS table per distinct event notification type);

(B) defining and creating a database object 298, and registering the database object 298 with the event registry to receive event notifications affecting the rights of users to receive those event notifications. The database object 298 includes a first attribute that contains a list of the DBMS tables in which the event log is stored, and a second attribute that contains a list of the groups with access rights to the event notifications;

(C) as group names are first added to the database object 298, the database object 298 sends an initial set of database table access grant commands to the DBMS to define the initial set of users with access rights to the tables making up the event log 282; and

(D) defining and creating an event log filter 294 for passing only the requested event notifications and for converting them into SQL insert statements for inserting each passed event notification into a corresponding one of the DBMS tables.



[0113] For each event log 282 there are one or more corresponding target objects in the access control object tree 170 that define (1) the target set of management objects for which event notifications are to be stored in the event log, and (2) the types of event notifications to be included in the event log. For any particular event log, the set of groups of authorized users must be the same for all event notifications in that event log. Any changes in the groups of users to be granted access to the event log are communicated to the corresponding database object 298 by registering the database object with the event registry to receive event notifications about attribute changes to the target object(s) corresponding to the event log. The database object 298 is also registered to receive event notifications of attribute changes to the group objects for the groups that have access rights to the event log.

[0114] Whenever the database object 298 for a particular event log 282 is notified of a change (i.e., additions and/or deletions) in the membership of one of the groups with access rights to the event log 282, or a change in the set of groups to be given access to the event notifications in the event log, the database object 298 sends corresponding access grant and access revoke commands to the DBMS 280. The access privileges module 284 then reconfigures the database table access rights accordingly.

[0115] As event notifications corresponding to an event log are generated, they are forwarded by the event router 186 to the log server 290. The log server 290 forwards them to the event log's filter 294, where they are converted into SQL insert statements and sent to the DBMS 280 for storage. If some of the same event notifications are included in two (or more) different event logs, the same event notification will be stored two (or more) times in different tables of the DBMS.

[0116] The SQL engine 286 enforces previously defined access restrictions to the event logs. In particular, every user query for information from the tables in the DBMS is checked by the SQL engine 286 against the access rights established by the access privileges module 284, and only queries in full compliance with those access rights are processed. User queries requesting information from tables to which the user does not have access rights are rejected by the SQL engine 286.

[0117] Because user requests for information from the DBMS 280 must be submitted in the form of SQL queries, all the report generator tools available for the DBMS can be applied to creating SQL queries for management information. Thus, the DBMS access mechanism shown in Fig. 9 provides the convenience of using fast and well known DBMS access tools while still providing the same access restrictions as those provided by the management information server. Furthermore, the access restrictions imposed by the DBMS 280 are automatically updated whenever the access rights to the corresponding event notifications are modified in the main access control engine that controls access to information in the management object tree.



1. An access control system for controlling access to management objects in a distributed network, comprising: [...]

[...] control objects, the access control objects including:

group objects, each defining a group and a set of users who are members of the group, and

rule objects, a subset of the rule objects each specifying a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of management objects; and

a plurality of access control servers, each access control server controlling access to a distinct subset of the management objects in accordance with the access rights specified in the access control database; wherein at least one of the access control servers receives access requests from the users and distributes the received access requests among the access control servers for processing; a subset of the access requests specifying operations to be performed [...] objects, wherein each access request in the [...] the access control servers in accordance with the management objects to which access is being requested by the access request;

the access control servers responding to the access requests from the users by granting, denying and partially granting and denying the access requested in each access request in accordance with the access rights specified in the access control database.

2. The access control system of claim 1, wherein

one of the access control servers is a management information server that receives the access requests submitted by users to the access control system;

the management information server includes means for partitioning the access request into two or more access sub-requests when the access to the set of management objects specified by the access request is controlled by two or more of the access control servers and sending the access sub-requests to those two or more access control servers for processing; and

the management information server includes means for combining responses to the two or more access sub-requests generated by the two or more of the access control servers after processing the access sub-requests and re[...]

[...] submitted the access request that was parti[...]

3. The access control system of claim 1, wherein

a second subset of the rule objects in the access control database specify a set of the group objects, a set of the access control objects, and access rights by the users who are members of the groups defined by the specified set of the group objects to the specified set of access control objects; and

the access control system includes an access control database server that stores the access control database in persistent storage, receives access requests to the access control objects, and grants and denies the access requests to the access control objects in accordance with the access rights specified in the access control database.

4. The access control system of claim 1, wherein

a second subset of the rule objects in the access control database each specify a set of the group objects, a set of the management objects, and access rights by the users who are members of the groups defined by the specified set of group objects to event notifications generated by the specified set of management objects; and

the access control system includes an event router that receives event notifications generated by the management objects and sends corresponding event notification messages only to users in groups who have access rights to those event notifications in accordance with the access rights specified in the access control database.

5. The access control system of claim [...], wherein

the access control system includes an event registry for registering event notification requests by users, each event notification request specifying event notifications from specified sets of the management objects that are being requested;

the event router including means for sending, in response to each received event notification, corresponding event notification messages to users who have registered a corresponding event notification request with the event regis[...]

[...] event notification in accordance with the access rights specified in the access control database.

6. A method of controlling access to management objects
in a distributed network, comprising the steps of:

storing a set of access control objects, the access
control objects including

group objects, each defining a group and a set of
users who are members of the group; and

rule objects, a subset of the rule objects each
specifying a set of the group objects, a set of the
management objects, and access rights by the users
who are members of the groups defined by the specified
set of the group objects to the specified set of

receiving access requests from the users and
distributing the received access requests among a
plurality of access control servers for processing, a
subset of the access requests specifying operations to
be performed on specified sets of the management
objects; each access control server controlling access
to a [illegible] in accordance with the access rights
specified in the access control database, wherein at
least one of the access control servers, wherein each
access request in the subset is sent for processing to
one or more of the access control servers in accordance
with the management objects to which access is being
requested by the access request;

at the access control servers, responding to the
[illegible] partially granting and denying the access
requested in each access request in accordance with the
access rights specified in the access control database.

7. The access control method of claim 6, wherein

[illegible] at one of the access control servers all
the access requests [illegible] as the one access
[illegible] access request into two [illegible]
requests when the access to the set of management
objects specified by the access request is controlled
by two or more of the access control servers and
sending the access sub-requests to those two or more
access control servers for processing; and

at the one access control server, combining responses
to the two or more access sub-requests generated by two
or more of the access control servers after processing
the access sub-requests; and returning a combined
response to the user who submitted the access request
that was partitioned.

8. The access control method of claim [illegible], wherein

a second subset of the rule objects in the access
control database specify a set of the group objects, a
set of the access control objects, and access rights by
the users who are members of the groups defined by the
specified set of the group objects to the specified set
of access control objects; and

at an access control database server, storing the
access control database in persistent storage,
receiving access requests to the access control
objects, granting and denying the access requests to
the access control object in accordance with the access
rights specified in the access control database.

9. The access control method of claim [illegible], wherein

a second subset of the rule objects in the access
control database each specify a set of the group
objects, a set of the management objects, and access
rights by the users who are members of the groups
defined by the specified set of the group objects to
event notifications generated by the specified set of
management objects; and

at an event router, receiving event notifications
generated by the management objects and sending
corresponding event notification messages only to users
in groups who have access rights to those event
notifications in accordance with the access rights
specified in the access control database.

10.

at an event registry, registering event notification
requests by users, each event notification request
specifying event notifications from specified sets of
the management objects that are being requested;

each received event notification, corresponding
event notification messages to users who
Compare target specified in access request with
subtree to server mapping table to determine
portions of access request associated with
auxiliary servers.

When the request's target set falls within the
domains of more than one server, the request is
split into sub-requests and submitted to the
respective servers.

Execute access request or sub-requests at each
respective server. Store access deny/grant decisions
in audit trail. Transmit response(s) back to MIS.

Combine responses and send combined response, if
any, to initiator (requester).